DNS Malware | Are You Attacked or Infected ?

The FBI’s temporary Internet servers will go dark Monday, leaving
thousands of unsuspecting malware-infected individuals without online
access.
What temporary Internet servers, you ask? They might have been
connecting you to Facebook, YouTube, and — ahem! — RitroSoft.com for the
last month, and you didn’t even know it. Really.Why is this happening? It all has to do with a piece of computer malware called DNS Changer.
It started in 2007, when a group of hackers — six Estonians and one
Russian — allegedly started masquerading as Internet advertisers who
were paid by the click, according to an 2011 indictment from
the U.S. Attorney General’s Office in the Southern District of New
York. In other words, if an ad got more clicks, they pocketed more cash.
So they figured out a way to beat the system, according to the
indictment. They created a piece of malware, called DNS Changer, that
tampered with the DNS — the thing that takes a website address and finds
the numerical IP address to connect you to that website — redirecting
millions of Internet users to sites they didn’t search for.
For instance, if your computer was infected and you clicked a link to
go to Netflix, you would wind up at “BudgetMatch,” according to the
FBI. The practice is called “click hijacking.”
Once the FBI got around to fixing the problem in 2011, it realized it
couldn’t simply shut down the rogue servers because infected computers
would be left without a functioning DNS, leaving them virtually
Internet-less. So it set up temporary servers to give malware-infected
Internet users time to fix their computers.
And time runs out on Monday, July 9.
(There isn’t a planned attack this Monday that will shut down the
Internet; those whose computers are already infected will lose the
Band-Aid the FBI put on the problem more than a year ago.)

Who Is Affected?
Initially, there were more than 4 million infected computers in 100
countries, including 500,000 in the United States, according to the
indictment.
As of July 4, there were only about 46,000 in the United States, FBI
spokeswoman Jenny Shearer told HackShark.com today. (That’s out of
nearly 300,000 worldwide.)
PCs and Apple Macs have been infected. Routers and iPads were hit, too.
As of June, the United States had more infected computers than any other country, according to data from the DNS Changer Working Group, or DCWG, a group working on cleanup resulting from the malware.

How Do I Know if My Computer Is Infected?
You can check to see whether your computer is infected by clicking on this link, which is run by DCWG.
If the page is green, you’re in the clear. If it’s red, your computer is infected.
On Thursday the site got 2 million hits, but very few of those
computers were infected, DCWG volunteer Barry Greene told HackShark.com.
Google and Facebook say they have also set up notifications for
infected users. If you type in a search term and see a message that
says, “Your computer appears to be infected” at the top of your screen,
guess what. Your computer is infected.
Comcast, AT&T and Verizon are among the other organizations notifying customers if they have infected machines.
Important: According to DCWG, you should not need to scan, make
changes or download anything to tell whether your computer is infected.

My Computer Is Infected. Now What?

The good news is DCWG has put together a page of trusted tools and a step-by-step guide for how to fix your computer.
The bad news is it can take a day or two actually to fix the problem,
Greene told RitroSoft.com. That’s because the malware is in a deep
section of the hard drive called the “boot sector.”
“The malware problem out there is nasty, and it’s impacted society on
multiple levels,” Greene said. “It’s extremely hard to get rid of. In
most companies, if they get infected with it, they throw away the hard
drive.”
If you can’t do that, follow the instructions. They include backing up your files and reinstalling your operating system.

What Do I Do if I Lose Internet on Monday?
The FBI and DCWG recommend contacting your Internet service provider.
They’ll be able to give you instructions on what to do next.